The outgoing director of the National Security Agency suggested on Thursday that the surveillance giant could accept only being allowed to collect domestic phone data related to terrorist communications, a shift away from its current practice of collecting all such call records regardless of whether there is a suspected connection to terrorism.

General Keith Alexander, testifying before the Senate armed services committee for what could be the final time as head of the NSA, told senators that one option under consideration in the Obama administration’s deliberations about revamping the NSA’s surveillance programs was to “get only that data” relating to terrorist communications.

“Can we come up with a capability that gets just those that are predicated on a terrorist communication?” Alexander said.

Alexander, who is due to end his nearly nine years running the NSA imminently, said there were “pros and cons” to that, as well as to the other proposed options for the future of domestic phone data collection, one of which is having the government continue to gather it in bulk while having a private entity, such as the telephone companies, store it.

In the nine months since the Guardian revealed the NSA’s bulk gathering of US phone data, thanks to whistleblower Edward Snowden, Alexander has been a passionate defender of retaining the scale of such collection, regardless of whether the interception and retention is conducted by the NSA or by a private-sector entity.

“I would love to give this hornet’s nest to someone else, to say: ‘You get stung by this.’ But don’t drop it, because that’s our country, and if you do drop it, the chance of that a terrorist attack gets through increases,” Alexander said in October.

But while he appeared to soften his position on bulk domestic surveillance on Thursday, Alexander also implored Congress to pass legislation that would expand the authority of the NSA and its twin-sister military organization, Cyber Command, to protect private and business networks from online data theft and cyber attacks.

“We need to have a classified relationship” with major businesses to aid their ability to secure their data, Alexander said. That relationship is currently the responsibility of the Department of Homeland Security; Alexander said he would meet with the new DHS secretary, Jeh Johnson, over the next several weeks.

Acknowledging that public skepticism about NSA surveillance has effectively stalled cyber legislation, Alexander said he wanted “a reset with how we look at NSA and cyber … those attacks are coming.”

Thinking about cyber intrusions and attacks as analogous to warfare remains in its infancy in Washington. Asked when cyber attacks constitute acts of war, Alexander said that was ultimately a “policy decision,” but “I’d submit that if it destroys government or other networks and impacts our ability to operate, you’ve crossed a line.”

The US is believed to have already crossed that line by unleashing the Stuxnet worm to disrupt industrial controls on Iranian nuclear centrifuges. In June, the Guardian revealed a policy directive from President Obama authorizing cyber attacks on adversaries that can have “severely damaging” effects.

The final year of Alexander’s tenure has been overshadowed by the revelations of how widespread his agency’s powers are, thanks to Snowden.

Alexander said he felt that the NSA can now prevent “the massive stuff” from leaking, but will be hard pressed to stop future Snowdens from exfiltrating smaller amounts of internal data.

“There will always be an issue – we’re going to have to trust some people with some level of information,” he said.

Unlike James Clapper, the director of national intelligence, who recently told the Daily Beast that the bulk domestic surveillance ought to have been public, Alexander said he thought “the rationale for going in and keeping this secret was sound from the beginning.”

“The true tragedy in all this is the way the press has articulated them [the NSA] as the villains when what they are doing is protecting this country and [doing] what we have asked them to do,” he said.

Several senators on the panel, both advocates and critics of bulk surveillance, saluted the departing Alexander – skeptic Mark Udall of Colorado asked him questions about bulk phone records collection “for old time’s sake.”

But chairman Carl Levin of Michigan said there was a possibility the panel would call Alexander back to discuss changes to mass domestic phone data collection once the Obama administration proposes its future contours, a decision expected by the end of March.

Alexander would not address any aspect of the NSA’s involvement in the bulk harvesting of data from Yahoo webcams by its British partner GCHQ, as revealed Thursday by the Guardian, or its access to that data.

“Hmm, webcam. That’s a good question,” Alexander said after the hearing, walking away from a reporter.